Release 9.0.33.1¶

[Policy Management] Improved Uniqueness Handling for Long Policy Names¶

Resolved an issue where policy names exceeding 180 characters were incorrectly flagged as duplicates due to partial unique key indexing. The unique constraint on the x_policy table has been updated to use the full name field, ensuring accurate validation of long policy names. Error messages have also been improved to provide clearer feedback.

Updated Application Dependencies¶

Upgraded application dependencies to address known security vulnerabilities identified in CVE (Common Vulnerabilities and Exposures) report.

Base Image Upgraded¶

Updated the base image to a newer Debian version to address known security vulnerabilities identified in CVE (Common Vulnerabilities and Exposures) report

Security Vulnerability Fixes¶

Addressed known CVEs by updating vulnerable dependencies.

Enhancements to Grafana Portal Dashboard and Alerts¶

Improved the Grafana Portal dashboard with enhanced visualizations and usability updates. Introduced new alert rules to proactively monitor critical Portal metrics, including login failures, error rates, and connection status—enabling quicker issue detection and improved system reliability.

New Feature: Session Management Across Browser Tabs¶

Introduced support for detecting session changes across browser tabs and windows. If a different user logs in from another tab or window, the current tab will now automatically detect the change and refresh to display the correct user’s data.

Resolved SELECT Query Failure on VIEW in DBR 14.3 LTS¶

A fix has been implemented for Databricks Runtime 14.3 LTS to resolve failures when executing SELECT queries on VIEW objects. Previously, these queries were failing with a ClassCastException.

Updated Default Configuration for Tag Reconcile Loader in BigQuery Connector¶

The Tag Reconcile Loader is now enabled by default with a 540-second sync interval. This ensures automatic maintenance of tag consistency between the BigQuery connector and Apache Ranger. For more information, refer to the Tag Reconcile Loader Configuration section.

Support for OAuth Configuration in Self Managed (Portal Configuration) UI for Databricks Unity Catalog Connector¶

Added support for configuring OAuth connection properties in the Self Managed (Portal Configuration) UI for the Unity Catalog connector. For more information, refer to the OAuth Authentication section.

Added On-Demand Sync Support for Databricks Unity Catalog Connector¶

Added On-Demand Sync support for Databricks Unity Catalog connector. For more information, refer to the On-Demand Sync Supported Connectors section.

Fixed AnalysisException for DECIMAL Datatype in Databricks Unity Catalog Connector¶

Fixed an issue that caused an AnalysisException: [CANNOT_UP_CAST_DATATYPE] error when handling DECIMAL datatypes in masking use cases within the Databricks Unity Catalog Connector.

The connector now handles all DECIMAL(p,s) precision and scale combinations more reliably, resolving cases where certain DECIMAL types could cause data type casting errors. Previously, the system would default to DECIMAL(10,2) for processing, which could lead to type mismatches with other precision/scale combinations. This enhancement ensures masking operations work seamlessly across all DECIMAL variations.

Fixed Missing Connector Instance Name in PolicySync Audits for Databricks Unity Catalog Connector¶

Fixed an issue where the connector instance name for the Databricks Unity Catalog connector was not appearing in PolicySync audit logs as expected.

Fixed ABAC Condition Issues in Masking and RLF for Snowflake Connector¶

Fixed issues related to Attribute-Based Access Control (ABAC) conditions in Masking and Row-Level Filtering (RLF) for the Snowflake connector. For more information, refer to the Enable Native Support section.